Simple tool to dump/hide services in services.exe process.
☆14Apr 22, 2022Updated 3 years ago
Alternatives and similar repositories for srvhide
Users that are interested in srvhide are comparing it to the libraries listed below
Sorting:
- LLVM based devirtualization PoC’s.☆21Dec 11, 2021Updated 4 years ago
- Tiny Windows executable that outputs version information about the OS.☆11Feb 1, 2026Updated last month
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆35Mar 23, 2024Updated last year
- ☆26Dec 29, 2021Updated 4 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- Rookit and anti rookit on Windows platform☆14Apr 30, 2024Updated last year
- ☆29Nov 22, 2023Updated 2 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆46May 22, 2022Updated 3 years ago
- defender_database☆24Oct 31, 2023Updated 2 years ago
- function identification signatures☆12Apr 26, 2021Updated 4 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆50Mar 22, 2023Updated 2 years ago
- PoC for CVE-2021-3129 (Laravel)☆12Oct 9, 2021Updated 4 years ago
- SetWinEventHook Sample☆50Sep 23, 2023Updated 2 years ago
- ☆61Feb 10, 2022Updated 4 years ago
- Sliver agent rewritten in C++☆49Sep 4, 2024Updated last year
- Exports monitoring plugin for x64dbg☆22Mar 14, 2023Updated 3 years ago
- ☆59Oct 17, 2024Updated last year
- Utility functions for building Windows kernel drivers in Rust☆21Nov 16, 2021Updated 4 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- Linux/x86 - Reverse (dynamic IP and port/TCP) Shell (/bin/sh) Shellcode (86 bytes)☆13Jul 30, 2021Updated 4 years ago
- BasicLDR: A Reflective DLL Loader☆14Jun 11, 2024Updated last year
- Simple poc of CVE-2018-8414 Windows Package Setting RCE Vulnerability☆22Sep 21, 2020Updated 5 years ago
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…☆13May 11, 2023Updated 2 years ago
- ☆144Dec 10, 2022Updated 3 years ago
- Extension functionality for the NightHawk operator client☆26Oct 31, 2023Updated 2 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆34Feb 2, 2026Updated last month
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 6 years ago
- 4.9 Kernel Exploit for CVE-2020-27786☆10Dec 3, 2022Updated 3 years ago
- research revolving the windows filtering platform callout mechanism☆39May 26, 2024Updated last year
- ☆23Mar 6, 2023Updated 3 years ago
- 基于MFC框架实现的Windows进程信息查看,窗口查看,软件卸载,开机启动项,进程保护与隐藏☆11Jun 17, 2021Updated 4 years ago
- Dice CTF 2022 breach write-up☆15Feb 14, 2022Updated 4 years ago
- Reverse engineered API for Microsoft's Time Travel Debugger☆36Apr 18, 2024Updated last year
- MiniSDK☆10Nov 8, 2021Updated 4 years ago
- ☆13Jul 11, 2024Updated last year
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- UEDumper☆44Apr 13, 2021Updated 4 years ago